Splunk Search

Community Activity

	Splunk query to eliminate specific events Hi All,Below is my Splunk query.I want to only eliminate the result if "UPN" & "Event_title" both are the same for 7 ... by alexspunkshell Contributor in Splunk Search 04-29-2021 0 7	0	7
	How to combine multiple rows (from sub search results) into different columns on single row (main search) I have a query that returns the following result. Column 1Column 2A1A2B1B2C1C2D1D2 And I would like to transform it ... by Raymond2T Path Finder in Splunk Search 04-29-2021 0 2	0	2
	Searching/Listing down all Installed App Usage, to find how which is the least used app. Hey all!I am tasked to do some housekeeping and find out which installed apps are being used the least so that I can ... by jawk339 Engager in Splunk Search 04-29-2021 0 2	0	2
	Splunk DB Connect and Neo4j anyone? I am trying to connect to Neo4j using their JDBC driver with no luck. Has anybody done better than this? by Paolo_Prigione Builder in Splunk Search 04-29-2021 0 7	0	7
	Get top 20 queries for avarage execution time Hello there  So, I've extracted from the log, using rex, the time, called OSY_time and each individual slow query, c... by marco_carolo Path Finder in Splunk Search 04-29-2021 0 1	0	1
	table returns duplicates for extracted Fields that are not Selected table returns duplicates for extracted Fields that are not Selected fieldsIn the following image, host is a Selected ... by johnrk Engager in Splunk Search 04-29-2021 0 4	0	4
	How do you generate CSV File on Schedule basis automatically as an attachment to Email. Hello,How do we schedule a CSV file as an attachment to the Email. What is the script that needs to be added in the s... by Dheeru Engager in Splunk Search 04-29-2021 0 1	0	1
	extract multiple values from fields in same event Hello team , I am having one event in which single field have multiple value like provided below: {"body":{"records":... by kannu Communicator in Splunk Search 04-28-2021 0 3	0	3
	regex Hi all,I have a column containingRequest = REQ_IN ...... { ...... "productId": "test", ...... { ....... "productId": ... by simo Path Finder in Splunk Search 04-28-2021 0 11	0	11
	What is the search for creating account on MAC OS? What is the search for creating account on MAC OS? by NewZealandGrom Loves-to-Learn Lots in Splunk Search 04-28-2021 0 0	0	0
	How to collect events that form part of a common tree I have a large NodeRED JSON flows.json file that I'm ingesting into Splunk. In that file there are one or more 'flows... by bowesmana SplunkTrust in Splunk Search 04-28-2021 0 0	0	0
	makemv and mvindex not working as expected I am working with JSON data type events and am trying to extract the username (user1, user2) from the pathspec data s... by ankit Explorer in Splunk Search 04-28-2021 0 3	0	3
	Find results that are not in a transaction The data is MFA attempts in O365. I have an alert that fires whenever someone denies an MFA push. The thing is, somet... by xtinas Engager in Splunk Search 04-28-2021 0 0	0	0
	Count by Day of Week I am on Day 2 with Splunk.I am trying to get the average number of records by Day of the Week (Mon, Tue, Wed, etc) of... by Craig_Ph Loves-to-Learn Lots in Splunk Search 04-28-2021 0 1	0	1
	Using like() not working in where statement I have an alerts index which has a data.rule.name field containing the following values:COVID-19 linked Cyber Attacks... by bpna Explorer in Splunk Search 04-28-2021 0 2	0	2
	Query Performace Hello, I am building a query to be able to display a line graph of status (offline, online) over a period of 30days.... by dglass0215 Path Finder in Splunk Search 04-28-2021 0 5	0	5
	Extract all key value pairs JSON I have the following log example and Splunk correctly pulls the first few fields (non-nested) as well as the first va... by kwarre3036 Explorer in Splunk Search 04-28-2021 0 6	0	6
	Dealing with Datetime in Splunk Henny! Hello respected members of the prestigious forum of SplunkI have been working with datetimes in splunk and it is maki... by andres91302 Communicator in Splunk Search 04-28-2021 0 0	0	0
	Need help on how to alert if daily count exceed 30 days average Hi all, Need some advice here. I have some logs that has the URL and the HTTP response code. Sample here POST /a... by acesolar Engager in Splunk Search 04-28-2021 0 2	0	2
	values are missing pot lookup Not able to find the stats details for all M. tried fill null . it is not working index=UA sourcetype=apps appname="... by abdul Explorer in Splunk Search 04-28-2021 0 3	0	3
	Extract fields from drop down option and use in search I have a drop down in my dashboard which looks up a csv file having client information in one of the rows named domai... by thenormalone Path Finder in Splunk Search 04-28-2021 0 2	0	2
	how to calculate how much data each search-head-clustering is searching How to calculate how much data each search-head-clustering is searching by Vignesh-107 Path Finder in Splunk Search 04-28-2021 0 3	0	3
	Ldapsearch query speed difference Greetings,We have a Splunk Environment with 3 Search Head in the SHC.We try to perform an ldapsearch command using th... by omershira Explorer in Splunk Search 04-28-2021 0 0	0	0
	IPlocation command not working for all the IPs Hi Team,Im trying to get the user location based on the ip address in splunk but IPlocation command is failing to ret... by kranthimutyala Path Finder in Splunk Search 04-28-2021 0 1	0	1
	S3 Bucket Logging I have a bunch of web servers that are currently streaming their logs (real time) into an S3 bucket.I have the Splunk... by bgill0123 Loves-to-Learn in Splunk Search 04-28-2021 0 0	0	0